Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS62077.roa
File:                     AS62077.roa (raw, json)
Hash identifier:          3/9B28Cdm5HggAZF3lvKc9bQtIHl8EfczFp7sZOhTzY=
Subject key identifier:   97:F3:9A:4A:DB:12:FD:4A:02:2C:D8:A3:38:C4:AF:D5:49:BA:45:1B
Certificate issuer:       /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial:       3EDFFEFB1243E8CCE886D7FEE9AC06464E16D1E4
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS62077.roa
Signing time:             Tue 24 Dec 2024 07:20:28 +0000
ROA not before:           Tue 24 Dec 2024 07:15:28 +0000
ROA not after:            Tue 23 Dec 2025 07:20:28 +0000
asID:                     62077
IP address blocks:        92.113.44.0/24 maxlen: 24
                          92.113.45.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Feb 2025 14:35:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3e:df:fe:fb:12:43:e8:cc:e8:86:d7:fe:e9:ac:06:46:4e:16:d1:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
        Validity
            Not Before: Dec 24 07:15:28 2024 GMT
            Not After : Dec 23 07:20:28 2025 GMT
        Subject: CN=97F39A4ADB12FD4A022CD8A338C4AFD549BA451B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:f4:0d:9a:33:f8:6e:7d:f7:42:ec:01:32:7d:
                    fb:a3:4b:e5:e6:fa:18:78:a4:91:ca:49:8f:36:73:
                    05:ff:d1:0e:5c:48:f1:b8:09:8c:50:2d:9b:23:04:
                    95:45:0c:fb:e6:f7:06:1c:9b:10:8b:eb:54:dd:82:
                    3b:01:57:a8:41:7c:ef:ab:78:bf:cc:59:6c:76:2e:
                    ce:4b:15:a1:25:91:7d:55:4e:95:26:8b:fb:de:f1:
                    15:5e:a2:ae:9b:1f:b9:d2:29:68:19:2d:aa:df:00:
                    b1:65:be:1d:02:bb:12:e3:2d:8c:cc:18:77:1a:9a:
                    d5:0f:86:a3:a4:9a:a0:67:cd:bf:76:07:ea:14:d3:
                    4b:20:3a:20:e5:b0:c1:a7:f7:33:30:ce:5e:4b:00:
                    20:46:ea:31:af:cc:dc:88:1c:bb:a3:7c:c4:c3:f5:
                    c8:a1:a2:b5:48:e3:01:f7:63:e8:72:1c:c0:8c:73:
                    a9:ba:49:e6:ff:8a:3a:dd:56:f6:7f:01:35:d9:22:
                    16:90:61:46:e5:33:e0:da:58:be:52:8d:64:92:16:
                    f3:2a:e3:36:6f:62:ae:18:99:af:11:44:2d:e1:bd:
                    f5:8a:8b:60:7f:f9:b1:47:51:bc:5d:29:a4:ba:21:
                    90:e4:cf:0f:40:b2:23:7e:aa:85:4e:bd:77:88:2e:
                    bd:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:F3:9A:4A:DB:12:FD:4A:02:2C:D8:A3:38:C4:AF:D5:49:BA:45:1B
            X509v3 Authority Key Identifier:
                keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS62077.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.113.44.0/23

    Signature Algorithm: sha256WithRSAEncryption
         07:21:a2:ed:75:ea:c3:a4:ad:4d:a5:00:69:00:69:f0:1a:e2:
         a8:df:3a:b3:c1:d4:0f:57:98:81:07:2f:5b:02:93:ad:9a:d7:
         00:94:c8:31:ec:18:2c:fe:0a:e2:68:d1:d2:94:ec:08:76:3f:
         13:a9:db:58:4a:6d:04:d6:09:15:fc:ab:37:32:61:b3:ee:f0:
         0d:78:f2:ce:3f:85:76:ff:9a:b0:01:92:0a:25:7f:04:2e:cd:
         ee:ab:df:03:31:0f:d3:ac:95:c1:7a:08:92:83:a8:8d:61:42:
         36:77:7f:66:87:0e:3f:9f:2b:c9:65:1c:c4:9c:2a:b1:1a:51:
         11:83:3f:bb:1b:cc:1c:10:1c:29:98:f3:19:86:c7:07:ef:5c:
         73:da:b9:72:cf:f9:ff:d8:91:46:df:ef:33:37:0b:e0:11:6c:
         81:aa:a5:74:76:c5:33:32:6d:24:6b:44:c9:11:b6:0a:0d:6e:
         f2:ec:3b:4b:ce:fb:f9:19:11:81:a2:c2:95:7c:2a:60:03:01:
         be:ba:b2:dc:2d:ac:a4:c6:39:6c:b3:77:63:7c:82:b7:95:b7:
         64:dc:77:c9:e3:bb:cd:dd:44:bb:29:d7:5d:27:fd:e5:4d:6c:
         77:4f:0c:be:42:7d:ef:b5:87:2c:a0:4b:60:f5:85:57:e9:3e:
         96:28:4d:4b
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUPt/++xJD6Mzohtf+6awGRk4W0eQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDEyMjQwNzE1MjhaFw0yNTEyMjMwNzIwMjhaMDMxMTAvBgNV
BAMTKDk3RjM5QTRBREIxMkZENEEwMjJDRDhBMzM4QzRBRkQ1NDlCQTQ1MUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDM9A2aM/huffdC7AEyffujS+Xm
+hh4pJHKSY82cwX/0Q5cSPG4CYxQLZsjBJVFDPvm9wYcmxCL61TdgjsBV6hBfO+r
eL/MWWx2Ls5LFaElkX1VTpUmi/ve8RVeoq6bH7nSKWgZLarfALFlvh0CuxLjLYzM
GHcamtUPhqOkmqBnzb92B+oU00sgOiDlsMGn9zMwzl5LACBG6jGvzNyIHLujfMTD
9cihorVI4wH3Y+hyHMCMc6m6Seb/ijrdVvZ/ATXZIhaQYUblM+DaWL5SjWSSFvMq
4zZvYq4Yma8RRC3hvfWKi2B/+bFHUbxdKaS6IZDkzw9AsiN+qoVOvXeILr0VAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUl/OaStsS/UoCLNijOMSv1Um6RRswHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNjIwNzcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFccSww
DQYJKoZIhvcNAQELBQADggEBAAchou116sOkrU2lAGkAafAa4qjfOrPB1A9XmIEH
L1sCk62a1wCUyDHsGCz+CuJo0dKU7Ah2PxOp21hKbQTWCRX8qzcyYbPu8A148s4/
hXb/mrABkgolfwQuze6r3wMxD9OslcF6CJKDqI1hQjZ3f2aHDj+fK8llHMScKrEa
URGDP7sbzBwQHCmY8xmGxwfvXHPauXLP+f/YkUbf7zM3C+ARbIGqpXR2xTMybSRr
RMkRtgoNbvLsO0vO+/kZEYGiwpV8KmADAb66stwtrKTGOWyzd2N8greVt2Tcd8nj
u83dRLsp110n/eVNbHdPDL5Cfe+1hyygS2D1hVfpPpYoTUs=
-----END CERTIFICATE-----